dns-zone-controller: with env-manager generating dnssec key and zone records

commit: e8b2f010c0f4f3a3e459ac68596f42ee5c104682 [log] [tgz]
author: Giorgi Lekveishvili <lekva@gl-mbp-m1-max.local> Thu Nov 30 19:05:03 2023 +0400
committer: Giorgi Lekveishvili <lekva@gl-mbp-m1-max.local> Thu Nov 30 19:05:03 2023 +0400
tree: 1659e3879b67b801dd70928ab768814f828edcff
parent: 724885f1f6e7cc78bc0b00612579221687f76a09 [diff] [blame]
diff --git a/core/ns-controller/config/rbac/role.yaml b/core/ns-controller/config/rbac/role.yaml
new file mode 100644
index 0000000..f5694fd
--- /dev/null
+++ b/core/ns-controller/config/rbac/role.yaml

@@ -0,0 +1,45 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  creationTimestamp: null
+  name: manager-role
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - secrets
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - dodo.cloud.dodo.cloud
+  resources:
+  - dnszones
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - dodo.cloud.dodo.cloud
+  resources:
+  - dnszones/finalizers
+  verbs:
+  - update
+- apiGroups:
+  - dodo.cloud.dodo.cloud
+  resources:
+  - dnszones/status
+  verbs:
+  - get
+  - patch
+  - update
commit	e8b2f010c0f4f3a3e459ac68596f42ee5c104682	[log] [tgz]
author	Giorgi Lekveishvili <lekva@gl-mbp-m1-max.local>	Thu Nov 30 19:05:03 2023 +0400
committer	Giorgi Lekveishvili <lekva@gl-mbp-m1-max.local>	Thu Nov 30 19:05:03 2023 +0400
tree	1659e3879b67b801dd70928ab768814f828edcff
parent	724885f1f6e7cc78bc0b00612579221687f76a09 [diff] [blame]